General

  • Target

    dee680d520cf2028c542a9dfcdce39e9.bin

  • Size

    128KB

  • Sample

    230921-b3yc9aea44

  • MD5

    d2ef980d6c58d6e34864352dd986a3fc

  • SHA1

    276a6810da4af7b9089c3bde42e1f9d0a57a6be5

  • SHA256

    3032833ccf6ab90ef2a44638d965d466425a523448ecc4c387971bfad61f9c89

  • SHA512

    6e515a1370ccee394bc37f74ca092e9245dc54efe041e31a5cf74cac44b231965e3a1af658f5d8131aa9ed1ab39d6a97406398c738bbb1f26d032a19cc345a72

  • SSDEEP

    3072:sYIedrEXwhlkgp+ay3i/hgwbDpglnAxcP7xW4V++sZUVGpgw:sMggzThachgeDpglAxcP7FUJZUVG1

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/

rc4.i32

Targets

    • Target

      83f3f206fe4cc3ce88d84364f970ed0ced22d05f418b7760eae1e6fb2178a33c.bin

    • Size

      263KB

    • MD5

      dee680d520cf2028c542a9dfcdce39e9

    • SHA1

      a0925b6590613d67e94e37ebfc3a17b5c2def6d8

    • SHA256

      83f3f206fe4cc3ce88d84364f970ed0ced22d05f418b7760eae1e6fb2178a33c

    • SHA512

      b6a7c6dffc6eb613ba9a3703a706d8c8001b1b5f26ae8ee671e517a047691ee2ed8d493c8c6595d10606828a6adba8cca2eb8b12b3d9294b0f254545ca74ff45

    • SSDEEP

      3072:64GXFBuzBPTnKntTb48LZ10IcAT2TMYNfgnd9DhuUFb5d:IOBbnKnF4m1dgMWQ/DBFb
